mirror of https://github.com/coltoneshaw/CS-Repro-Mattermost.git synced 2025-12-23 10:01:30 +01:00

Added ldap setup

This commit is contained in:
coltoneshaw
2024-03-29 10:12:05 -04:00
parent f2d3a10617
commit 042d7b58e6
8 changed files with 200 additions and 1 deletion

.gitignore

@@ -4,4 +4,5 @@ license.txt
## Ignoring keycloak so it can be pulled already setup. ## Ignoring keycloak so it can be pulled already setup.
volumes volumes
**/.DS_Store **/.DS_Store
.DS_Store
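Review bot: the added root-level `.DS_Store` line is redundant: the existing `**/.DS_Store` pattern already matches a `.DS_Store` at the repository root, because a leading `**/` matches zero or more directories. Keep one of the two patterns, not both.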


@@ -2,6 +2,8 @@
This is a basic reproduction that includes various components preconfigured like SAML, LDAP, advanced logging, prometheus, grafana, and elasticsearch. This is a basic reproduction that includes various components preconfigured like SAML, LDAP, advanced logging, prometheus, grafana, and elasticsearch.
- [LDAP](#ldap)
## Making Changes ## Making Changes
If you're testing changes with Mattermost I do not suggest running `make restart` or `make stop` because the keycloak instance can quickly get into a failed state with too frequent of restarts. Instead do `make restart-mattermost`. If you're testing changes with Mattermost I do not suggest running `make restart` or `make stop` because the keycloak instance can quickly get into a failed state with too frequent of restarts. Instead do `make restart-mattermost`.
@@ -121,3 +123,76 @@ All the Mattermost grafana charts are already installed and linked, you just hav
2. Sign in with `admin` / `admin`. Change the password if you want, I don't suggest it. 2. Sign in with `admin` / `admin`. Change the password if you want, I don't suggest it.
3. Click `Dashboards` > `Manage` 3. Click `Dashboards` > `Manage`
4. Click any of the dashboards you want to view. 4. Click any of the dashboards you want to view.
## LDAP
### Adding Users
You can easily add users to the ldap container by using the provided ldif file and query.
Here is an example of the command. If you run this right now you'll add two users to your ldap environment.
Note that if the data already exists in the ldif the command will fail.
```bash
docker exec -it cs-repro-openldap ldapmodify \
-x \
-H ldap://openldap:10389 \
-D "cn=admin,dc=planetexpress,dc=com" \
-w GoodNewsEveryone \
-f /ldap/ldapadd.ldif
```
### Adding Group Members
To add a group member we have to use `ldapmodify`. Below is an example of the command. If you run the example we take the two user from the above command and add them to the `robot_mafia` group.
```bash
docker exec -it cs-repro-openldap ldapmodify \
-x \
-H ldap://openldap:10389 \
-D "cn=admin,dc=planetexpress,dc=com" \
-w GoodNewsEveryone \
-f /ldap/ldapmodify.ldif
```
### LDAP Search
Everything that comes after the `-w` flag is a part of the search on the base DN. Just replace that with what you have in the user filter.
#### Searching for Groups
```bash
docker exec -it cs-repro-openldap ldapsearch \
-x -b "DC=planetexpress,DC=com" \
-H ldap://openldap:10389 \
-D "cn=admin,dc=planetexpress,dc=com" \
-w GoodNewsEveryone \
"(objectClass=Group)"
```
#### Searching for People
```bash
docker exec -it cs-repro-openldap ldapsearch \
-x -b "DC=planetexpress,DC=com" \
-H ldap://openldap:10389 \
-D "cn=admin,dc=planetexpress,dc=com" \
-w GoodNewsEveryone \
"(objectClass=Person)"
```
### Add New Attributes to LDAP
Let's say you need a special attribute added to LDAP for testing, like a uniqueID you can tweak. Using the below command we'll add an attribute called `uniqueID` to our users from above. If we want to extend this to the rest of Futurama they'll need to be in the ldif file.
```bash
docker exec -it cs-repro-openldap ldapmodify \
-x \
-H ldap://openldap:10389 \
-D "cn=admin,cn=config" \
-w GoodNewsEveryone \
-f /ldap/addUniqueID.ldif
```
A few notes, when adding this attribute you must add the `customPerson` objectclass to the person before you can assign the attribute. See the `ldapadd.ldif` file for help.
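Review bot: the subsection order makes the first command fail on a fresh container: `ldapadd.ldif` assigns `objectClass: customPerson` and `uniqueId`, and both only exist after `/ldap/addUniqueID.ldif` from the later "Add New Attributes" subsection has been applied, so that step should come first or be called out as a prerequisite rather than as the closing note. Two smaller points: "Adding Group Members" says the two new users are added to `robot_mafia`, but the `ldapmodify.ldif` in this commit targets `ship_crew` with `uid=jdoe` / `uid=jsmith`, so text and file need reconciling (also "two user" should be "two users"); and "everything that comes after the `-w` flag" should read "after the `-w` password", since the filter is the trailing positional argument, not part of `-w`. Passing the bind password with `-w` puts it in shell history and `ps` output; fine for a throwaway test image, but `-W` (prompt) or `-y <file>` is the habit worth documenting, and the `cn=admin,cn=config` bind for the schema change is a different identity from the directory admin, so it is worth stating that the test image happens to use the same password for both.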


@@ -97,6 +97,8 @@ services:
hostname: openldap hostname: openldap
restart: unless-stopped restart: unless-stopped
image: rroemhild/test-openldap:latest image: rroemhild/test-openldap:latest
volumes:
- ./ldap:/ldap:rw
ports: ports:
- "10389:10389" - "10389:10389"
- "10636:10636" - "10636:10636"
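Review bot: the new bind mount `./ldap:/ldap:rw` only needs to be readable inside the container: every command in the README hands files under `/ldap` to `ldapmodify` or `ldapsearch`, and nothing writes there. Mount it `:ro` so a misbehaving or compromised container cannot alter the schema and user fixtures on the host.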

ldap/addUniqueID.ldif Normal file

@@ -0,0 +1,18 @@
version: 1
# Add the UNIQUEID Attribute
dn: cn={0}core,cn=schema,cn=config
changetype: modify
add: olcAttributetypes
olcAttributetypes: ( 1.2.840.113556.1.4.9990 NAME 'uniqueId'
DESC 'Unique Identifier'
SYNTAX '1.3.6.1.4.1.1466.115.121.1.15' SINGLE-VALUE )
# Define customPerson as an auxiliary class
dn: cn={0}core,cn=schema,cn=config
changetype: modify
add: olcObjectClasses
olcObjectClasses: ( 1.2.840.113556.1.5.999 NAME 'customPerson'
DESC 'Custom Person Object Class'
AUXILIARY
MAY uniqueId )
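Review bot: the OIDs `1.2.840.113556.1.4.9990` and `1.2.840.113556.1.5.999` sit under Microsoft's registered arc (`1.2.840.113556` is the Active Directory schema arc), so they are not this project's to assign and can collide with real AD schema elements if this LDIF is ever replayed against a directory that also loads AD-compatible schema; a private enterprise arc (`1.3.6.1.4.1.<your-PEN>.…`) or the experimental arc is the safe choice. Modifying `cn={0}core` in place also mixes a custom attribute into the stock schema; adding it as a separate `cn=custom,cn=schema,cn=config` entry keeps it removable. Minor: OpenLDAP tolerates the quotes around the `SYNTAX` OID, but the RFC 4512 form is unquoted.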

ldap/ldapadd.ldif Normal file

@@ -0,0 +1,98 @@
dn: cn=Joey Mousepad,ou=people,dc=planetexpress,dc=com
changetype: add
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: customPerson
cn: Joey Mousepad
sn: Mousepad
givenName: Joey
userPassword: password
mail: jMousepad@aol.com
title: Robot Mafia Henchperson
uid: jmousepad
jpegPhoto: < file:///ldap/photos/JoeyMousepad.jpg
uniqueId: 2
dn: cn=Donbot Smith,ou=people,dc=planetexpress,dc=com
changetype: add
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: customPerson
cn: Donbot Smith
sn: Smith
givenName: Donbot
userPassword: password
mail: dsmith@planetexpress.com
title: Robot Mafia Godfather
uid: dsmith
jpegPhoto: < file:///ldap/photos/Donbot.jpg
uniqueId: 1
dn: cn=robot_mafia,ou=people,dc=planetexpress,dc=com
changetype: add
objectClass: Group
objectClass: top
groupType: 2147483650
cn: robot_mafia
member: cn=Donbot Smith,ou=people,dc=planetexpress,dc=com
member: cn=Joey Mousepad,ou=people,dc=planetexpress,dc=com
dn: cn=Hubert J. Farnsworth,ou=people,dc=planetexpress,dc=com
changetype: modify
add: objectClass
objectClass: customPerson
-
add: uniqueId
uniqueId: 3
dn: cn=Philip J. Fry,ou=people,dc=planetexpress,dc=com
changetype: modify
add: objectClass
objectClass: customPerson
-
add: uniqueId
uniqueId: 4
dn: cn=John A. Zoidberg,ou=people,dc=planetexpress,dc=com
changetype: modify
add: objectClass
objectClass: customPerson
-
add: uniqueId
uniqueId: 4
dn: cn=Hermes Conrad,ou=people,dc=planetexpress,dc=com
changetype: modify
add: objectClass
objectClass: customPerson
-
add: uniqueId
uniqueId: 5
dn: cn=Turanga Leela,ou=people,dc=planetexpress,dc=com
changetype: modify
add: objectClass
objectClass: customPerson
-
add: uniqueId
uniqueId: 5
dn: cn=Bender Bending Rodríguez,ou=people,dc=planetexpress,dc=com
changetype: modify
add: objectClass
objectClass: customPerson
-
add: uniqueId
uniqueId: 6
dn: cn=Amy Wong+sn=Kroker,ou=people,dc=planetexpress,dc=com
changetype: modify
add: objectClass
objectClass: customPerson
-
add: uniqueId
uniqueId: 7
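Review bot: `uniqueId` is described in the schema as a "Unique Identifier", yet this fixture gives Fry and Zoidberg both `uniqueId: 4` and Hermes and Leela both `uniqueId: 5`. `SINGLE-VALUE` only limits each entry to one value and does not enforce uniqueness across entries, so if the attribute is meant to be used as an ID attribute for login mapping, two users will map to one identity; if the collision is deliberate test data, say so in a `#` comment. Also `jpegPhoto: < file:///ldap/photos/Donbot.jpg` points at a `.jpg` path while the file added in this commit is `ldap/photos/Donbot.jpeg`, so that record will fail to load unless the path is corrected.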

ldap/ldapmodify.ldif Normal file

@@ -0,0 +1,5 @@
dn: cn=ship_crew,ou=people,dc=planetexpress,dc=com
changetype: modify
add: member
member: uid=jdoe,ou=people,dc=planetexpress,dc=com
member: uid=jsmith,ou=people,dc=planetexpress,dc=com
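Review bot: this file does not do what the README's "Adding Group Members" section says: it modifies `ship_crew`, not `robot_mafia`, and the member DNs `uid=jdoe,…` and `uid=jsmith,…` do not correspond to any entry added in `ldapadd.ldif` (those users are `cn=Joey Mousepad,…` and `cn=Donbot Smith,…`). OpenLDAP does not verify that `member` values exist unless the refint overlay is configured, so the command would succeed and leave dangling references that look like group membership in a search but resolve to no user. Either point the file at `robot_mafia` with the real DNs or update the README.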

ldap/photos/Donbot.jpeg Normal file (binary, 26 KiB)
Second binary file (name not shown in this view; 32 KiB)